
11 information security management


DOCUMENT INFORMATION

Basic information

Title: Information Security Management
Instructor: Nga Lê Thị Quỳnh
School: University Of Economics Ho Chi Minh City
Major: Information Security Management
Type: Lecture
Year published: 2024
City: Ho Chi Minh City
Format:
Number of pages: 32
File size: 1,22 MB


Content

Threats to information security Types of Security Problems?. Threats to information security • Denial-of-service attacks intentional... Threats to information security - Loss of Infrast

Page 1

Lecture 11: Information Security Management

Nga.lethiquynh@ueh.edu.vn
http://mis.ueh.edu.vn/blog/

Page 2

Q4 What data safeguards are available?

Q5 What human safeguards are available?

Q6 How should organizations respond to security incidents?

Page 3

Q1: What are the threats to information security?

Page 4

Threats to information security

Sources of Threats?

• Human error and mistakes:
    • accidental problems caused by both employees and nonemployees
    • poorly written application programs and poorly designed procedures
    • physical accidents
• Malicious human activity:
    • employees and former employees who intentionally destroy data
    • hackers
• Natural events and disasters:
    • fires, floods, hurricanes, earthquakes, tsunamis, avalanches, and other acts of nature

Page 5

Threats to information security

Types of Security Problems?

Source: Textbook [1], page 409

Page 6

Threats to information security

Unauthorized Data Disclosure

• Pretexting: when someone deceives by pretending to be someone else
• Phishing: uses pretexting via email
• Spoofing: another term for someone pretending to be someone else
    • IP spoofing: occurs when an intruder uses another site’s IP address as if it were that other site
    • Email spoofing: a synonym for phishing
• Drive-by sniffers: take computers with wireless connections through an area and search for unprotected wireless networks

Page 7

Threats to information security

Incorrect Data Modification

• Procedures incorrectly designed or not followed
• Increasing a customer’s discount or incorrectly modifying an employee’s salary
• Placing incorrect data on the company Web site
• Improper internal controls on systems
• System errors
• Faulty recovery actions after a disaster

Page 8

Threats to information security

• Denial-of-service attacks (intentional)

Page 9

Threats to information security - Loss of Infrastructure

• Human accidents.
• Theft and terrorist events.
• Disgruntled or terminated employee.
• Natural disasters.

Advanced Persistent Threat (APT)

• Sophisticated, possibly long-running computer hack perpetrated by large, well-funded organizations

Page 10

What Are the Components of an Organization’s Security Program?

3 components:

• Senior-management involvement
    • establish the security policy
    • manage risk by balancing the costs and benefits of the security program
• Safeguards: protections against security threats
• Organization’s planned response to security incidents

Page 11

Security Safeguards

Source: Textbook [1], page 411

Page 12

Q2: What is senior management’s security role?

Page 13

Senior management’s security role

• What sensitive data the organization will store.
• How it will process that data.
• Whether data will be shared with other organizations.
• How employees and others can obtain copies of data stored about them.
• How employees and others can request changes to inaccurate data.
• What employees can do with their own mobile devices at work.
• …

Page 14

Senior management’s security role

• determine what safeguards

Risk-Management Decisions: decide what to do

Risk Assessment Factors

Source: Textbook [1], page 415

Page 15

Q3 What technical safeguards are available?

Page 16

Technical safeguards

Source: Textbook [1], page 418

Page 17

Essence of https (SSL or TLS)

Source: Textbook [1], page 422

Page 18

Digital Signatures

Source: Textbook [1], page 423

Page 19

Malware Protection

replicates itself

Trojan horses are viruses that masquerade as useful programs or files

the Internet or other computer network

Spyware programs are installed on the user’s computer without the user’s

Page 20

Malware Protection

1. Antivirus and antispyware programs.
2. Scan frequently.
3. Update malware definitions.
4. Open email attachments only from known sources.
5. Install software updates.
6. Browse only reputable Internet neighborhoods.

Page 21

Q4 What data safeguards are available?

Page 22

Data safeguards

Source: Textbook [1], page 427

Page 23

Q5 What human safeguards are available?

Page 24

Human safeguards

Source: Textbook [1], page 429

Page 25

Account Administration

Account Management

➢ Standards for new user accounts, modification of account permissions, and removal of accounts that are not needed

Page 26

Sample Account Acknowledgment Form

Source: Textbook [1], page 431

Page 27

Systems Procedures

Source: Textbook [1], page 432

Page 28

Q6 How should organizations respond to security incidents?

Page 29

How should organizations respond to security incidents?

Source: Textbook [1], page 435

Page 30

Q4 What data safeguards are available?

Q5 What human safeguards are available?

Q6 How should organizations respond to security incidents?

Page 31

Additional Resources

• 2017-Ransomware ‘WannaCry’ attack explained
• 2017-Impact of WannaCry

Date posted: 15/12/2023, 14:44
